Changelog History
Page 2
-
v0.4.4 Changes
July 07, 2020- ๐ Fix symbol lookup with namespaces. ([@palkan][])
๐ Fixes #122.
- Separated
#classify
-based and#camelize
-based symbol lookups. ([@Be-ngt-oH][])
๐ Only affects Rails apps. Now lookup for
:users
tries to findUsersPolicy
first (camelize), and only then search forUserPolicy
(classify).๐ See PR#118.
- ๐ Fix calling rules with
allowed_to?
directly. ([@palkan][])
Fixes #113
-
v0.4.3 Changes
December 14, 2019- Add
#cache(*parts, **options) { ... }
method. ([@palkan][])
๐ Allows you to cache anything in policy classes using the Action Policy cache key generation mechanism.
- ๐ Handle versioned Rails cache keys. ([@palkan][])
Use
#cache_with_version
as a cache key if defined. - Add
-
v0.4.2 Changes
December 13, 2019- ๐ Fix regression introduced in 0.4.0 which broke testing Class targets. ([@palkan][])
-
v0.4.1
December 13, 2019 -
v0.4.0 Changes
December 11, 2019๐ Features
- Optional authorization context. (#95)
In addition to
allow_nil: true
, we now have an option to skip the context altogether:class OptionalRolePolicy \< ActionPolicy::Baseauthorize :role, optional: trueendpolicy = OptionalRolePolicy.newpolicy.role #=\> nil
- ๐ Rails generators. (#87)
Now you can use
action_policy:install
andaction_policy:policy MODEL
Rails generators.- ๐ New instrumentation event:
action_policy.init
.
Triggered every time a new policy object is initialized.
๐ Changes
- โ Composed matchers are supported in authorization target testing.
โ Now you can write tests like this:
expect { subject }.to be\_authorized\_to(:show?, an\_instance\_of(User))
-
v0.3.4 Changes
November 27, 2019- ๐ Fix Rails generators. ([@palkan][])
Only invoke install generator if
application_policy.rb
is missing. ๐ Fix hooking into test frameworks. -
v0.3.3 Changes
November 27, 2019- ๐ Improve pretty print functionality. ([@palkan][])
Colorize true/false values. ๐ Handle multiline expressions and debug statements (i.e.,
binding.pry
).- โ Add Rails generators. ([@nicolas-brousse][])
Adds
action_policy:install
andaction_policy:policy MODEL
Rails generators.- Optional authorization target. ([@somenugget][])
๐ Allows making authorization context optional:
class OptionalRolePolicy < ActionPolicy::Base authorize :role, optional: true end policy = OptionalRolePolicy.new policy.role #=> nil
-
v0.3.2 Changes
May 26, 2019- ๐ Fixed thread-safety issues with scoping configs. ([@palkan][])
๐ Fixes #75.
-
v0.3.1 Changes
May 30, 2019- ๐ Fixed bug with missing implicit target and hash like scoping data. ([@palkan][])
๐ Fixes #70.
-
v0.3.0 Changes
April 02, 2019- โ Added ActiveSupport-based instrumentation. ([@palkan][])
๐ See PR#4
- ๐ Allow passing authorization context explicitly. ([@palkan][])
Closes #3.
Now it's possible to override implicit authorization context via
context
option:authorize! target, to: :show?, context: {user: another_user} authorized_scope User.all, context: {user: another_user}
- ๐ Renamed
#authorized
to#authorized_scope
. ([@palkan][])
NOTE:
#authorized
alias is also available.- โ Added
Policy#pp(rule)
method to print annotated rule source code. ([@palkan][])
Example (debugging):
def edit? binding.pry # rubocop:disable Lint/Debugger (user.name == "John") && (admin? || access_feed?) end
pry> pp :edit? MyPolicy#edit? โณ ( user.name == "John" #=> false ) AND ( admin? #=> false OR access_feed? #=> true ) )
๐ See PR#63
- โ Added ability to provide additional failure reasons details. ([@palkan][])
Example:
class ApplicantPolicy < ApplicationPolicy def show? allowed_to?(:show?, object.stage) end end class StagePolicy < ApplicationPolicy def show? # Add stage title to the failure reason (if any) # (could be used by client to show more descriptive message) details[:title] = record.title # then perform the checks user.stages.where(id: record.id).exists? end end